Has anyone out there successfully set up Puppet to use FreeIPA as an LDAP 
provider for user resources ?

I found 
which says:
This use also has no special rights and is unable to write any data in the IPA 
LDAP server, only read.

but this page
User management via LDAP:  This provider requires that you have valid values 
for all of the LDAP-related settings in puppet.conf, including ldapbase. You 
will almost definitely need settings for ldapuser and ldappassword in order for 
your clients to write to LDAP.

Thus my dilemma.  Can I make the IPA "service account" read-write or can Puppet 
live with read-only ?

“Sometimes I think the surest sign that intelligent life exists elsewhere in the 
universe is that none of it has tried to contact us.”  (Bill Waterson: Calvin & 
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 

Reply via email to